[EC2] Setting up an alert for Security Group change operations.


Situation 

  • An alert is required to track any changes to Security Groups made by users other than the administrator. 

Resolution 

  1. Create an SNS Topic 

  2. Configure SNS Subscription 

    • Create a subscription with the protocol set to email. 

    • A confirmation email is sent to the provided address; click "Confirm" in that email to complete the subscription.

  3. Create a Security Group change event rule 

    • EventBridge > Events > Rules > Create Rule 

      • Event Pattern > Use a predefined pattern provided by the service. 

      • Service Provider : AWS

      • Service Name : EC2

      • Event Type : AWS API Call via CloudTrail

      • Specific Operations : add AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, RevokeSecurityGroupEgress, CreateSecurityGroup, DeleteSecurityGroup

    • Link the created SNS topic as the event rule's target. 
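The event pattern that the console choices above produce, as an added example (not from this article): it builds the pattern for the six operations, shows how to exclude the administrator's calls with an EventBridge `anything-but` filter (an addition the article's steps do not include; the ARNs are constructed placeholders), and checks constructed CloudTrail events against it with a small matcher that mimics EventBridge's rules.

```python
import copy

# Event pattern equivalent to the console choices in the Resolution steps:
# Service EC2, event type "AWS API Call via CloudTrail", the six operations.
SG_CHANGE_PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["ec2.amazonaws.com"],
        "eventName": ["AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
                      "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
                      "CreateSecurityGroup", "DeleteSecurityGroup"],
    },
}

def exclude_principal(pattern, admin_arn):
    """Copy of the pattern that ignores calls by admin_arn ('anything-but' on userIdentity.arn)."""
    p = copy.deepcopy(pattern)
    p["detail"]["userIdentity"] = {"arn": [{"anything-but": [admin_arn]}]}
    return p

def matches(pattern, event):
    """Minimal EventBridge-style matcher: keys must be present, dicts recurse, a list
    means 'any of these', and {'anything-but': [...]} matches anything not listed."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
            continue
        hit = False
        for alt in expected:
            if isinstance(alt, dict) and "anything-but" in alt:
                hit = actual not in alt["anything-but"]
            else:
                hit = actual == alt
            if hit:
                break
        if not hit:
            return False
    return True

def cloudtrail_event(event_name, caller_arn):
    """Constructed sample event in the shape EventBridge delivers for CloudTrail calls."""
    return {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": "ec2.amazonaws.com", "eventName": event_name,
                       "userIdentity": {"arn": caller_arn}}}
```

Note that calls made through an assumed role carry the session ARN in `userIdentity.arn`, so an exclusion list must name that form rather than the role ARN.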
